VulnerableCode Package Details - pkg:deb/debian/golang-golang-x-oauth2@0.3.0-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/golang-golang-x-oauth2@0.3.0-1?distro=trixie

purl	pkg:deb/debian/golang-golang-x-oauth2@0.3.0-1?distro=trixie

Next non-vulnerable version	0.27.0-1
Latest non-vulnerable version	0.27.0-1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-nrrp-y243-bfa1 Aliases: CVE-2025-22868 GHSA-6v2p-p543-phr9	golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.	0.27.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-03T07:25:47.338677+00:00	Debian Importer	Affected by	VCID-nrrp-y243-bfa1	https://security-tracker.debian.org/tracker/data/json	38.1.0